While all employees and company functions are vulnerable to security breaches, the nature of marketing makes marketers particularly at risk. Since marketers generally spend the most time on social media, are early adopters of new technologies and share files and data with third-party vendors via shared services like DropBox and WeTransfer, they pose a disproportionate risk to their organization. Marjorie Valin, Vice President of Marketing for Summit Business Technologies, an IT security services provider based in Millersville, MD, warned, “Marketers are low-hanging fruit for hackers. Any shared credentials or interface that allows for the exchange of information can put confidential, personal or intellectual property data at risk.”
Valin noted that the number of e-mails marketers receive each day and their high level of communication and engagement with those outside their organization make them a prime target for phishers and cybercriminals looking to obtain critical information or infect the organization’s networks with malware.
So what steps should marketers take to assess their risk and build a strategy to protect their organization?
- While file-sharing services like DropBox, Box and WeTransfer are convenient to use, you lose control of your data and intellectual property because your files are stored on someone else’s server. Opt for a private FTP site instead.
- Make sure your web hosting is secure. If you’re paying less than $20/month for hosting, chances are it isn’t. To ensure your website won’t be hijacked, deleted or otherwise used to attack your company, make sure you have moved from HTTP to HTTPS secure protocol. Valin noted that starting on July 1 of this year, Google will mark HTTP sites as “not secure,” which is not a message marketers want to send to customers and clients.
- Employees should use collaborative applications that are protected by network security when using sensitive and confidential data in their work, rather than creating their own spreadsheets and storing them on their hard drive. This is particularly essential for organizations subject to security regulations.
- Be vigilant about employee access: when freelancers, contractors and other staff move on from the organization, make sure their login to your networks is deactivated.
- Your employees can be your greatest asset against cyberattacks, but they can also be your weakest link. Make security a part of your company culture through awareness and reinforcement.
- Ensure your passwords are secure and not vulnerable. Valin recommended choosing 3 random words in a document and stringing them together, making sure they total at least 12 characters.
- Prepare for the worst: put together an incident response communications plan and ensure all team members involved are ready to respond quickly to minimize reputational damage in the event of a breach.
Valin recommended that marketers reach out to their IT and HR departments to build a security culture in their organization: “Collaboration in building internal understanding and support for security protocols ultimately will protect your brand, reputation and the trust you’ve built up over the years.” She also advised consulting with IT when making decisions on implementing new technologies, to ensure they are compatible with existing systems and that they don’t create potential security issues.
While the nature of marketing can increase vulnerability to security breaches, by taking the above steps and involving all colleagues in creating a security culture, marketers can protect their organization’s customers and reputation.